Skip to main content

Clifford Chance

Clifford Chance
Briefings

Briefings

NYDFS Penalizes Cruise Ship Operator For Failing To Prevent And Timely Report Cyberattacks

July 12, 2022

On June 23, 2022, the New York Department of Financial Services issued a Consent Order finding that cruise ship operator Carnival Corporation violated the Department's cybersecurity regulation by failing to implement required policies and procedures as well as report several cyber incidents that the company experienced.  The enforcement action signals DFS's determination to ensure all licensed entities—including victims of cyberattacks—fully protect sensitive customer and employee data by rigorously adhering to NYDFS's cybersecurity regulation.

Download PDF